[<prev] [next>] [day] [month] [year] [list]
Message-ID: <081A08701BD5BA46ACEE07E9D8A60F873E8B29@troy.win.aquilauk.co.uk>
From: Tim.Saunders at aquilauk.co.uk (Tim Saunders)
Subject: Just when you thought Macafee stuff was safe!
It's the on-access scanner that has the problem when you try to do
anything with the downloaded file. Even if you are only copying it to
another PC.
I would accept it cannot scan the contents of such a large compressed
file if it didn't crash and leave the on-access scanner disabled.
Tim
> -----Original Message-----
> From: gregh [mailto:chows@...mail.com.au]
> Sent: 23 September 2003 22:52
> To: Tim Saunders; full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] Just when you thought Macafee
> stuff was safe!
>
>
>
> > ----- Original Message -----
> > From: "Tim Saunders" <Tim.Saunders@...ilauk.co.uk>
> > To: "gregh" <chows@...mail.com.au>;
> <full-disclosure@...ts.netsys.com>
> > Sent: Wednesday, September 24, 2003 1:14 AM
> > Subject: RE: [Full-Disclosure] Just when you thought
> Macafee stuff was
> safe!
>
>
> > Or if your users have McAfee Virus scan wait for them to download a
> > large compressed file, I find zips of oracle CDs from
> partner.oracle.com
> > do nicely. Now watch McAfee crash as it tries to scan the
> contents of
> > the zip and times out (I believe) thus leaving the machine nice and
> > vulnerable since it doesn't auto restart. Any 300MB+ Zip, .tar.gz,
> > .cpio.gz etc seems to work. Smaller files may also work depending on
> > your machine.
>
> Tim,
>
> Gotta say I don't have that problem with Macafee stuff. I
> have 98 and XP
> machines that have anywhere from 500meg files to, in 2 cases, 2gig
> compressed files sitting on them and what you say has never
> happened even
> once in a scheduled scan. I never allow any virus scanner to
> scan incoming
> compressed files. I only allow them to scan when I save to disk from
> attachment and that hasn't ever been a problem, either.
>
> Greg.
>
>
>
Powered by blists - more mailing lists